Lucene search

9167 matches found

RedhatCVE
added 2019/10/13 8:7 p.m. | 43 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 3.3 | EPSS 0.04373
Exploits 1 | References 3

OSV
added 2019/10/11 3:7 p.m. | 3 views

SUSE-SU-2019:1368-2 Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root

This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524...

CVSS 10 | AI score 9.6 | EPSS 0.06263
Exploits 2 | References 3

Gitee
added 2019/10/11 12:3 a.m. | 6 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly stated, but the repository contains various vulnerable environments and exploits for different vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The...

CVSS 9.8 | AI score 8.2 | EPSS 0.99686
Exploits 53

Kitploit
added 2019/10/08 12:30 p.m. | 149 views

box.js - A Tool For Studying JavaScript Malware

A utility to analyze malicious JavaScript. Installation Simply install box-js from npm: npm install box-js --global Usage Looking to use box-js with Cuckoo? Use cuckoo-package.py as an analysis package. Let's say you have a sample called sample.js: to analyze it, simply run box-js sample.js Chanc...

AI score 7.2
Exploits 0 | References 8

Kitploit
added 2019/10/06 8:40 p.m. | 107 views

Tarnish - A Chrome Extension Static Analysis Tool To Help Aide In Security Reviews

tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don't want to ...

AI score 7
Exploits 0 | References 1

Gitee
added 2019/10/05 6:47 p.m. | 5 views

vulhub

It is an offensive tool for Vulnerability Research and Training. The repository, vulhub, contains pre-built vulnerable environments based on Docker-Compose. The primary vulnerability is not explicitly stated, but the repository includes various vulnerable environments, such as Flask SSTI, Apache...

AI score 6.8
Exploits 0

IBM Security Bulletins
added 2019/10/03 10:50 p.m. | 51 views

Security Bulletin: IBM Cloud Private for Data is affected by an issue with runc used by Docker

Summary IBM Cloud Private for Data is affected by an issue with runc used by Docker. The vulnerability allows a malicious container to overwrite the host runc binary and thus gain root-level code execution on the host. Vulnerability Details CVEID: CVE-2019-5736 DESCRIPTION: Runc could allow a loc...

CVSS 9.3 | AI score 2.5 | EPSS 0.9589
Exploits 33 | Affected Software 1

Oracle linux
added 2019/10/03 12:0 a.m. | 190 views

docker-engine security update

18.09.8-1.0.4 - Modified version to include ol suffix 18.09.8-1.0.3 - ol7 image related changes 18.09.8-1.0.2 - Merge upstream for CVE fixes...

CVSS 8.4 | AI score 3.8 | EPSS 0.03653
Exploits 1

Kitploit
added 2019/10/02 11:59 a.m. | 285 views

Lockdoor Framework - A Penetration Testing Framework With Cyber Security Resources

Lockdoor Framework: A Penetration Testing Framework With Cyber Security Resources. 09/2019 : 1.0Beta Information Gathering Tools 21 Web Hacking Tools 15 Reverse Engineering Tools 15 Exploitation Tools 6 Pentesting & Security Assessment Findings Report Templates 6 Password Attack Tools 4 Shell Tool...

AI score 7.5
Exploits 0 | References 98

Veracode
added 2019/10/02 2:49 a.m. | 26 views

Denial Of Service (DoS)

github.com/docker/cli is vulnerable to denial of service. The vulnerability exists as it was possible to cause the billion laughs attack through parsing a malicious yaml file causing an application crash...

CVSS 7.5 | AI score 7.1 | EPSS 0.25939
Exploits 2 | References 13 | Affected Software 12

Kitploit
added 2019/10/01 12:0 p.m. | 98 views

CryptonDie - A Ransomware Developed For Study Purposes

CryptonDie is a ransomware developed for study purposes. Options --key key used to encrypt and decrypt files, default is random string (recommended) --dir Home directory for the attack, default is / --encrypt Encrypt all files --decrypt Decrypt all files --verbose Active verbose mode, default is Fal...

AI score 7.3
Exploits 0 | References 1

Kitploit
added 2019/09/27 9:0 p.m. | 237 views

Kube-Alien - Tool To Launches Attack on K8s Cluster from Within

This tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it. After running the kube-alien pod it tries to takeover cluster's nodes by adding your public key to node's /root/.ssh/authorized_keys file by...

AI score 7.1
Exploits 0 | References 3

Veracode
added 2019/09/26 5:2 a.m. | 23 views

Arbitrary File Read

github.com/opencontainers/runc is vulnerable to arbitrary file read. The vulnerability exists as the AppArmor restrictions can be bypassed due to incorrect mount targets check, allowing a malicious Docker image to be mounted over a /proc directory...

CVSS 7.5 | AI score 3.6 | EPSS 0.04373
Exploits 1 | References 20 | Affected Software 3

NVD
added 2019/09/25 6:15 p.m. | 25 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 7.5 | EPSS 0.04373
Exploits 1 | References 15

OSV
added 2019/09/25 6:15 p.m. | 1 views

DEBIAN-CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 6.6 | EPSS 0.04373
Exploits 1 | References 1

OSV
added 2019/09/25 6:15 p.m. | 33 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 6.7
Exploits 0 | References 15

Prion
added 2019/09/25 6:15 p.m. | 27 views

Design/Logic Flaw

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 5 | AI score 7.4 | EPSS 0.04373
Exploits 1 | References 15 | Affected Software 10

UbuntuCve
added 2019/09/25 6:15 p.m. | 49 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 6.8 | EPSS 0.04373
Exploits 1 | References 3

OSV
added 2019/09/25 6:15 p.m. | 2 views

UBUNTU-CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 6.8 | EPSS 0.04373
Exploits 1 | References 4

Debian CVE
added 2019/09/25 12:0 a.m. | 35 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

CVSS 7.5 | AI score 7.4 | EPSS 0.04373
Exploits 1